Age | Commit message (Collapse) | Author | Files | Lines |
|
checking for write access in a directory before delete. Also
controls checking for write access before labeling a file read-only
if DOS attributes are not being stored in EA's.
Docuementation to follow.
Jeremy.
(This used to be commit dd1a5e6e499dd721c5bb8d56a61810a7454a3449)
|
|
excel files). Ensures that any missing user ACL entry will be generated
from a union of all group permissions that contain the user.
Awaiting feedback from the reporters.
Jeremy.
(This used to be commit 874353e617b314429359e8e9516898f670bbf539)
|
|
Jeremy.
(This used to be commit 60325ab1281ebbe70665b5f763065ca60ee9f682)
|
|
iterator functions so it can be used easily in a for loop.
Drops duplicated code from posix_acls.c
Jeremy.
(This used to be commit 81f30bf5985f5c6dc8399c4695dfa6f14140fde1)
|
|
Canaonicalise any +ve return to 1.
Jeremy.
(This used to be commit e594222d0ba7713088420f6c6603a74c1d5def8e)
|
|
Eric Stewart <eric@lib.usf.edu> I realised we weren't checking
against the current effective groupid (set by force group) as
well as the group list. Fix this.
Jeremy.
(This used to be commit 0c4058c0732b1faa87ca64b8f95ad2fe3106a69f)
|
|
with this....
Jeremy.
(This used to be commit 11c464268df2a0a5155e93d4a7d053d2920fcff0)
|
|
initializable
statically.
Volker
(This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
|
|
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
|
|
entry never to match - it matches but if doesn't grant access is recorded
so the "other" entry isn't subsequently checked.
Fix the algorithm.
Jeremy.
(This used to be commit e3c7d08bb68f51bc05768467feb0af896a059e91)
|
|
Jeremy.
(This used to be commit 6609b209f513f0859040686a88ee6c7106c06008)
|
|
a "allow" entry of GROUP or GROUP_OBJ, then access is allowed. It doesn't
terminate on the first match. Added debug to show where the match occured
(or didn't).
Jeremy.
(This used to be commit 81fb3372867fa66a092841222e02bd1c104b2d19)
|
|
Jeremy.
(This used to be commit e831cef618d55c362e8d3a8a4c2b9f2ed7d4d7bd)
|
|
"read-only"
issue.
Jeremy.
(This used to be commit 80e788143a6c3d973d3b8e57d91ca5c4a83605b2)
|
|
SMB_ACL_MASK.
Fix bug #2521.
Jeremy.
(This used to be commit 21e3cf2f8f6129324ebb799f959f8d2afe0285d2)
|
|
this is set
then only the owner or root can delete a file. We now use
the same algorithm to check file delete.
Jeremy.
(This used to be commit eb18104d10428a5daef2316088edc3dbaff58708)
|
|
Jeremy.
(This used to be commit ecc134a2e3546ed77ab6f1dafc0249c78897e1f3)
|
|
to a WXPSP2 client we must do permission checking in userspace first
(this is a race condition but what can you do...). Needed for bugid #2227.
Jeremy.
(This used to be commit da23577f162b6bdca7d631fca256a9b3b04043e4)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
POSIX ACL set. You need to *get* a permset_t pointer from the entry before
any of the permset code will accept it as a valid value
Jeremy.
(This used to be commit 7e78059948612fa9f5d179a1e3f5f59e7ad5e456)
|
|
not an existing one.
Jeremy.
(This used to be commit fbbdb72cf1adfe567112556626f26b031747f440)
|
|
ensure
SE_DESC_DACL_PROTECTED is set if "map acl inherit = no".
Jeremy.
(This used to be commit 934c41b474c8959310389378bfa7d3332bd5ec79)
|
|
Use def_acl everywhere instead of dir_acl.
Jeremy.
(This used to be commit d28611c960f87830aa8449725951984aa155b089)
|
|
How do the share mask/modes fit into this code... Need to think about this.
Jeremy.
(This used to be commit 1aa1c2f489f5b92c3696e7b9123061d91babc34e)
|
|
One part missing - delete file acl (to be added asap). No client
code yet, also needs testing with valgrind.
Jeremy.
(This used to be commit 6101ec2247c182fde6ea3e7e1f64a92b353ec4e8)
|
|
Jeremy
(This used to be commit 089a76f611187e2ba4c3363b657905d04576109e)
|
|
Guenther
(This used to be commit 3acc74eef5dae16d7e2792206640904265c42494)
|
|
SATOH Fumiyasu <fumiya@samba.gr.jp>.
Jeremy.
(This used to be commit 7e35900bc6894d69f83c99ac6eb260d7cc35683a)
|
|
Memory leak in posix acl code.
Jeremy.
(This used to be commit c97aab7ee6bf1f385b445b4b0eb0e1df7e9a56f5)
|
|
Jeremy.
(This used to be commit 31505acf033c7d76592bb5b4ef80b29a00658c49)
|
|
security
descriptor for a file, if the owner sid is not known, the owner uid is set to
the current uid. Same for group sid.
This makes xcopy /o possible for files that are owned by local users/groups
(local administrators for example).
Thanks to Guenther for his persistence :-)
Volker
(This used to be commit 80e57d27909a9a1edad962e3f43c2178d2da2a92)
|
|
kawasa_r@itg.hitachi.co.jp. A couple of mem leak fixes in
mainline code paths though :-).
Jeremy.
(This used to be commit 4695cc95fe576b6da0d0cb0686f208fc306b2646)
|
|
(This used to be commit b7703799f8899affda205eacb0bf79cf8e2b9362)
|
|
swap lookups for user and group - group will do an
algorithmic lookup if it fails, user won't.
Jeremy.
(This used to be commit a205c56a75c93c82796fd68687e8c0db26459073)
|
|
dos attributes in an EA. Based on an original patch from tridge, but
modified somewhat to cover all cases.
Jeremy.
(This used to be commit ed653cd468213e0be901bc654aa3748ce5837947)
|
|
New protocol option "ea support" to turn them on (off by default). Conrad
at Apple may like this as it allows MacOS resource forks to be stored on
a file. Passes valgrind. Documentation to follow.
Jeremy.
(This used to be commit 8cc10a6c0550c017a62e8a3790afd2172d173e00)
|
|
if the file has an ACL.
Jeremy.
(This used to be commit 7bf5ed30ce74ba658ca35059955748c1d8cbd6d2)
|
|
(This used to be commit 23443e3aa079710221557e18158d0ddb8ff48a36)
|
|
CREATOR_OWNER/CREATOR_GROUP uid/gid entries in the SAMBA_PAI attribute.
Creator Owner and Creator group now show up as inherited correctly (I
think :-). Jim please test.
Jeremy.
(This used to be commit dbbd8dd15582f95fb9c160c6c42ce9f0971ac4b7)
|
|
not sorting returned ACE's correctly w.r.t. W2K - implemented the correct
algorithm.
Jeremy.
(This used to be commit fa23a4158ec23c0b8dbdc6c53f29958243107dee)
|
|
Hopefully will fix jcmd bugs :-).
Jeremy.
(This used to be commit 482e6c79edefc8aaacbb37f807d2076e59b40e26)
|
|
As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK
This patch will cure the problem.
Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is
used correctly, but I'm not 100% sure, coders should check the use of
NT_STATUS_IS_ERR() in samba is ok now.
Simo.
(This used to be commit c501e84d412563eb3f674f76038ec48c2b458687)
|
|
Jeremy.
(This used to be commit fa8ca20ed440673d02ac5669f8d4c6623c1fdb6d)
|
|
if available. Adds new parameter "map acl inheritance" (docs coming soon)
off by default. Allows W2K acl inheritance dialogs to work correctly on
POSIX acls.
Jeremy.
(This used to be commit a83595e80ae539135fa1a65d6066b10ac94fbad1)
|
|
allow them to be changed. Works well with W2K and above.
Jeremy.
(This used to be commit 685e4e518236079f201650f26152f6f9ad3c61ab)
|
|
This gets us closer to W2k+ in what we return for file ACLs. Fix horribly
broken make_sec_desc() that screwed up the size when given a SD with no
owner or group (how did it get this bad... ?).
Jeremy.
(This used to be commit 183c9ed4052ab14e269ed1234ca557053f77e77a)
|
|
be applied to new ACE set calls. This is incorrect. Don't think this
has a bugzilla id.
Jeremy.
(This used to be commit cb70d8c9e87801c314d1b926d4e43ee451c04135)
|
|
(This used to be commit 1b2b7766c8fa89f46f4d1c881ee91c4b0b15773a)
|
|
moment as I don't think cumulative permission sets make sense in POSIX even
though that's the way Windows works....
Jeremy.
(This used to be commit 6ddd5b6ca7dde45ce866f852861e143434c84c7e)
|
|
VFS_ macros at system side. We currently have one clash with AIX and its VFS_LOCK. Compiled and tested -- no new functionality or code, just plain rename of macros for yet-unreleased VFS API version. Needs to be done before a24 is out
(This used to be commit c2689ed118b490e49497a76ed6a2251262018769)
|